nodejs加密解密有什么问题? [英] What's wrong with nodejs crypto decipher?
问题描述
我有以下加密数据:
U2FsdGVkX1 + 21O5RB08bavFTq7Yq / gChmXrO3f00tvJaT55A5pPvqw0zFVnHSW1o
解密的密码是:密码
a href =https://github.com/mdp/gibberish-aes> gibberish-aes )
(it's the example from gibberish-aes)
在命令行中使用openssl:
In the command line using openssl:
echoU2FsdGVkX1 + 21O5RB08bavFTq7Yq / gChmXrO3f00tvJaT55A5pPvqw0zFVnHSW1o| openssl enc -d -aes-256-cbc -a -k password
输出为:
使用Gibberish \\\
使用NodeJS应用程序:
With my NodeJS application:
var decipher = crypto.createDecipher('aes-256-cbc', "password");
var dec = decipher.update("U2FsdGVkX1+21O5RB08bavFTq7Yq/gChmXrO3f00tvJaT55A5pPvqw0zFVnHSW1o",
'base64', 'utf8');
dec += decipher.final('utf8');
我有以下错误 TypeError:DecipherFinal fail
在 decipher.final
行。
我错过了什么?感谢。
推荐答案
加密的数据以8字节的魔法开头,表示有盐。然后下8个字节是盐。现在坏消息:Node.js似乎没有为EVP_BytesToKey方法使用salt:
The encrypted data starts with a 8 byte "magic" indicating that there is a salt. Then the next 8 bytes is the salt. Now the bad news: Node.js does not seem to use the salt for the EVP_BytesToKey method:
int key_len = EVP_BytesToKey(cipher, EVP_md5(), NULL,
(unsigned char*) key_buf, key_buf_len, 1, key, iv);
NULL
p>
这已使用Java测试应用程序(使用正确的盐)进行验证 - 返回了结果字符串。
That NULL
is the salt.
请使用OpenSSL -nosalt
开关离开盐,然后重试。
This has been verified using a Java test application (using the right salt) - the result string was returned.
[EXAMPLE]
Please leave out the salt using the OpenSSL -nosalt
switch and try again.
OpenSSL CLI:
[EXAMPLE]
OpenSSL CLI:
NodeJS crypto: / p>
openssl enc -aes-256-cbc -nosalt -a -k password
owlstead
Mh5yxIyZH+fSMTkSgkLa5w==
NodeJS crypto:
[LATE EDIT]请注意,并且大的工作因素可能是安全的最重要的。您最好使用非常独特的高熵密码,否则加密的数据可能会有风险。
[LATE EDIT] Note that using secret key derivation with a salt and large work factor may be paramount to security. You'd better use a very unique, high entropy password otherwise your encrypted data may be at risk.
这篇关于nodejs加密解密有什么问题?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!